Security Configuration
8-11
4. If adding a new MAC Firewall Rule, provide a name up to 32 characters in length.
5. Define the following parameters for the IP Firewall Rule:
6. Select + Add Row as needed to add additional MAC Firewall Rule configurations. Select the - Delete
Row icon as required to remove selected MAC Firewall Rules.
7. Select OK when completed to update the MAC Firewall Rules. Select Reset to revert the screen back to
its last saved configuration.
Allow Every IP Firewall rule is made up of matching criteria rules. The action
defines what to do with the packet if it matches the specified criteria. The
following actions are supported:
Deny— Instructs the Firewall to not to allow a packet to proceed to its
destination.
Permit—Instructs the Firewall to allow a packet to proceed to its
destination.
Source and
Destination MAC
Enter both Source and Destination MAC addresses. Devices use the
source IP address, destination MAC address as basic matching criteria.
Provide a subnet mask if using a mask.
Action The following actions are supported:
Log—Events are logged for archive and analysis.
Mark—Modifies certain fields inside the packet and then permits them.
Therefore, mark is an action with an implicit permit.
- VLAN 802.1p priority.
- DSCP bits in the IP header.
- TOS bits in the IP header.
Mark, Log — Conducts both mark and log functions.
Precedence Use the spinner control to specify a precedence for this MAC Firewall rule
between 1-1500. Rules with lower precedence are always applied first to
packets.
VLAN ID Enter a VLAN ID representative of the shared SSID each user employs to
interoperate within the network (once authenticated by the RADIUS
server). The VLAN ID can be between 1 and 4094.
Match 802.1P Configures IP DSCP to 802.1p priority mapping for untagged frames. Use
the spinner control to define a setting between 0-7.
Ethertype Use the drop-down menu to specify an Ethertype of either ipv6, arp, wisp,
monitor 8021q. An EtherType is a two-octet field within an Ethernet frame.
It’s used to indicate which protocol is encapsulated in the payload of an
Ethernet frame.
Description Provide a description (up to 64 characters) for the rule to help differentiate
the it from others with similar configurations.
To Next Page
Loading...
